Cybersecurity SME

Position Overview Diaconia is looking for a talented Cybersecurity SME to join our team. Responsibilities Responsible for the maintenance and support of DoD and Air Force computing systems and networks (both unclassified and classified). This position will require the individual to obtain/maintain classified systems administrative privileges for SIPRNet and other systems. The individual shall perform system trusted downloads, burning classified Compact Discs (CDs), maintain and update host system. Have knowledge of the Systems Security Engineering disciplines to include Anti‑Tamper, Trusted Systems & Networks, Cybersecurity, Hardware/Software/Firmware Assurance, Supply Chain Risk Management, Acquisition Security, Cyber Resiliency, and Information Protection. Support the Systems Engineer with program engineering milestone reviews, test planning, and certification and accreditation packages. Assist the Information Systems Security Manager (ISSM) and provide multi‑discipline expertise covering project management, system security engineering, system administration, and network administration. Provide direct support to assure compliance to the most current revision of the Security Directives applicable to Platform Information Technology (PIT), PITI and non‑PIT systems being supported. These include DoDI 8500.01, Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800‑53, and directives/guidance identified in DoDI 5000.02. Provide cybersecurity support to assigned systems and shall assist in developing, modifying, reviewing, or coordinating items that include, but are not limited to: PIT determination package, cybersecurity strategy (formerly IAS), System Security Plan (SSP), system controls traceability matrix, risk assessment report, plan of action and milestones, security assessment plan, artifacts for program review and RFP. Provide RMF expertise and support for PIT products or other non‑traditional products which may be evaluated or implemented under the provisions of DoDI 5000.02, AF 17‑series directives, AFI 61‑101 or AFGM 2018‑63‑146‑01 to include review required program office artifacts and make recommendations to support cybersecurity RMF analysis. Assist in evaluating the technical implementation of the security design to ascertain that security software, hardware and firmware features affecting confidentiality, integrity, availability, accountability, and non‑repudiation have been implemented as documented in the Director of Central Intelligence Directive (DCID) 6/3, JSIG, DoDI 8500.01, DoDI 8510.01, and NIST 800‑53, and that the features perform properly. Assist in documenting and reporting IV&V test plans, results, anomaly reports, recommendations, activity reports and other special reports as required. Assist in performing cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation, and to support final approval for Interim Authority to Test (IATT), Interim Authority To Operate (IATO), Authority To Operate (ATO), and/or Authority To Connect (ATC). Assist in identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the results. Assist the Government in conducting Supply Chain Risk Management (SCRM). Assist in developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents including but not limited to the acquisition strategy, SEP, PPP, and SSP. Requirements Advanced Degree (Master of Arts (MA) / Master of Science (MS)) and twelve (15) years of experience in the respective technical / professional discipline, five (5) years of which must be in the DoD. OR, BA/BS degree, and fifteen (18) years of experience in the respective technical/professional discipline, five (5) of which must be in the DoD. OR, twenty (24) years of IT and Cybersecurity experience. SME subject matter expertise for rapid acquisition activities including rapid prototyping and fielding conducted under AFGM 2018‑63‑146‑01 Rapid Acquisition Activities or subsequent publication. Proficiency with Windows Operating Systems (OS), Windows group policy objects, DoD Cybersecurity, National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), Endpoint Security System (SS)/Host‑based Security System (HBS) and DoD Public Key Infrastructure (PKI). Understanding of Security Directives applicable to Platform Information Technology (PIT), PITI and non‑PIT systems being supported, including DoDI 8500.01, Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800‑53, and directives/guidance identified in DoDI 5000.02. Developing and managing PIT determination packages, including cybersecurity strategy (formerly IAS), System Security Plan (SSP), system related experience with proper certifications as described in the Functionally Aligned Job Descriptions, eight (8) of which must be in the DoD. U.S. Citizenship required; Ability to obtain and maintain a Secret DoD Secret Security Clearance. Minimum of 10 years of Cybersecurity Experience, with 5 of that in the U.S. Department of Defense (DoD). Managing, planning, documenting, and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems. Identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the result. Conducting arrangement of Science and Technology. Provide capable Supply Chain Risk Management (SCRM). Developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents including but not limited to the acquisition strategy, SEP, PPP, and SSP. Provide subject matter expertise as needed to the directorate's capability development planning activities conducted under AFI 61‑101, mobility development planning and rapid acquisition activities, provide technical assistance, expertise and support for technical solutions which involve products not normally found in the DoD weapon systems acquisition programs such as COTS products, commercial items, and non‑developmental items as defined in FAR Parts 2 and 12, or technologies developed by non‑traditional contractors. Already possess or willing to obtain within 6 months of hire: Appropriate baseline DoD 8570 certification and continuing education for their assigned position category or specialty and level. Possesses the advanced knowledge, experience, and recognized ability to be considered an expert in the technical/professional field, possess the ability to perform tasks and oversee the efforts of junior and journeyman personnel within the technical/professional discipline. Will demonstrate advanced knowledge of technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures, and practices in their area of expertise. US Citizenship required; Active Secret Clearance with the ability to obtain and maintain DoD TS/SCI clearance after start date. Preferred Qualifications Active DoD 8570 certification Active TS/SCI clearance Disclaimer The responsibilities and duties outlined in this job description are intended to describe the general nature and level of work performed by employees within this role. However, they are not exhaustive and may be subject to change or modification at any time to meet the evolving needs of the organization. #J-18808-Ljbffr Diaconia